Brian J Brennan's python-jws is a
nice module for generating and verifying JSON Web Signatures in Python. I've
already written some unit tests for node-jsjws which show that the JSON Web
Signatures it generates can be verified by python-jws and vice versa.

Note that I had to make some minor changes to python-jws in order to add
support for the RSASSA-PSS signature algorithms (PS256, PS384 and
PS512).

Last time out, I added support for RSASSA-PSS encoded signatures to the ursa Node.js module. The code I added exposes the OpenSSL implementation of RSASSA-PSS to Node.js programs. RFC 3447 recommends new applications use RSASSA-PSS instead of the older RSASSA-PKCS1-v1_5 scheme.

Basically, PSS is the newer scheme and can optionally include some randomness
in the encoding (though it doesn't rely on it). There are no known attacks
against PKCS1-v1_5 but you have to be more careful when using it. PKCS#1
recommends PSS in new applications: